From 7226c0c6980bcb8f36d9bfd9a38d3d6928b06673 Mon Sep 17 00:00:00 2001 From: cato447 Date: Fri, 20 Feb 2026 03:36:06 +0100 Subject: [PATCH] i am smort --- app/routes.py | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/app/routes.py b/app/routes.py index 0be81eb..668057a 100644 --- a/app/routes.py +++ b/app/routes.py @@ -41,7 +41,7 @@ from .utils import ( get_course, token_required, get_cached_deck_info, - is_safe_url + is_safe_url, ) @@ -138,7 +138,7 @@ def set_cookie(token): resp = make_response(redirect(next_url)) resp.set_cookie( - "access_token", serialize_token(token), httponly=True, samesite="Lax", path="/" + "access_token", serialize_token(token), httponly=True, samesite="Lax", path="/", max_age=31536000 ) return resp @@ -222,12 +222,15 @@ def register(): def logout(): token = get_token() user_name = token.name if token else "Unknown" + + if flask_login.current_user.is_authenticated: + current_app.logger.info(f"Admin logout: {flask_login.current_user.id}") + flask_login.logout_user() + current_app.logger.info(f"User logout: {user_name}") - resp = make_response( - redirect(url_for("main.index")) - ) # Redirect to a safe page, e.g., index or login - resp.set_cookie("access_token", "", expires=0) # Clears the cookie + resp = make_response(redirect(url_for("main.index"))) + resp.set_cookie("access_token", "", expires=0) return resp @@ -266,7 +269,9 @@ def admin_login(): next_page = request.args.get("next") if next_page and not is_safe_url(next_page): - current_app.logger.warning(f"Blocked unsafe redirect attempt to: {next_page}") + current_app.logger.warning( + f"Blocked unsafe redirect attempt to: {next_page}" + ) return abort(400) if next_page: